[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Slurpd cannot handle multiple replica statements for a single slave server (ITS#3223)

andreas@conectiva.com.br wrote:

> The workaround doesn't work for TLS because openldap can only serve one certificate.
> One cannot use two different names for the slave and only one certificate, because
> the common name won't match and the TLS connection will error.

Then you must add subjectAltName extensions to your server certificate 
listing all the valid names for the server.

   -- Howard Chu
   Chief Architect, Symas Corp.       Director, Highland Sun
   http://www.symas.com               http://highlandsun.com/hyc
   Symas: Premier OpenSource Development and Support